[ISN] Linux Advisory Watch - September 10th 2004

InfoSec News isn at c4i.org
Mon Sep 13 03:43:38 EDT 2004


+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  September 10th, 2004                        Volume 5, Number 36a   |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave at linuxsecurity.com          ben at linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for imlib, krb5, and kernel. The
distributors include Fedora, Mandrake, and Suse.

-----

>> Internet Productivity Suite:  Open Source Security <<

Trust Internet Productivity Suite's open source architecture to give you
the best security and productivity applications available.  Collaborating
with thousands of developers, Guardian Digital security engineers
implement the most technologically advanced ideas and methods into their
design.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn10

-----

BIOS Security

The BIOS is the lowest level of software that configures or manipulates
your x86-based hardware.

LILO and other Linux boot methods access the BIOS to determine how to boot
up your Linux machine. Other hardware that Linux runs on has similar
software (OpenFirmware on Macs and new Suns, Sun boot PROM, etc...). You
can use your BIOS to prevent attackers from rebooting your machine and
manipulating your Linux system.

Most PC BIOSs let you set a boot password. This doesn't provide all that
much security (the BIOS can be reset, or removed if someone can get into
the case), but might be a good deterrent (i.e. it will take time and leave
traces of tampering). Similarly, on SPARC/Linux (Linux for SPARC(tm)
processor machines), your EEPROM can be set to require a boot-up password.
This might slow attackers down.

Many PC BIOSs also allow you to specify various other good security
settings. Check your BIOS manual or look at it the next time you boot up.
For example, most BIOSs disallow booting from floppy drives and some
require passwords to access some BIOS features.

Note: If you have a server machine, and you set up a boot password, your
machine will not boot up unattended. Keep in mind that you will need to
come in and supply the password in the event of a power failure.

 Security Tip Written by Dave Wreski (dave at linuxsecurity.com)
 Additional tips are available at the following URL:
 http://www.linuxsecurity.com/tips/

-----

AIDE and CHKROOTKIT

Network security is continuing to be a big problem for companies and home
users. The problem can be resolved with an accurate security analysis. In
this article I show how to approach security using aide and chkrootkit.

http://www.linuxsecurity.com/feature_stories/feature_story-173.html

---------------------------------------------------------------------

An Interview with Gary McGraw, Co-author of Exploiting Software:
How to Break Code

Gary McGraw is perhaps best known for his groundbreaking work on securing
software, having co-authored the classic Building Secure Software
(Addison-Wesley, 2002). More recently, he has co-written with Greg Hoglund
a companion volume, Exploiting Software, which details software security
from the vantage point of the other side, the attacker. He has graciously
agreed to share some of his insights with all of us at LinuxSecurity.com

http://www.linuxsecurity.com/feature_stories/feature_story-171.html

------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

 9/10/2004 - imlib-1.9.13-15.fc Security update (core1)

   Several heap overflow vulnerabilities have been found in the imlib
   BMP image handler. An attacker could create a carefully crafted
   BMP file in such a way that it would cause an application linked
   with imlib to execute arbitrary code when the file was opened by a
   victim.

   http://www.linuxsecurity.com/advisories/fedora_advisory-4731.html


+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

 9/1/2004 - krb5
   multiple vulnerabilities

   A double-free vulnerability exists in the MIT Kerberos 5's KDC
   program  that could potentially allow a remote attacker to execute
   arbitrary code on the KDC host.

   http://www.linuxsecurity.com/advisories/mandrake_advisory-4726.html


+---------------------------------+
|  Distribution: Suse             | ----------------------------//
+---------------------------------+

 9/1/2004 - kernel
   vulnerabilities

   Various signedness issues and integer overflows have been fixed
   within kNFSd and the XDR decode functions of kernel 2.6.

   http://www.linuxsecurity.com/advisories/suse_advisory-4728.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------





More information about the ISN mailing list